Last active
March 26, 2021 23:50
-
-
Save odedlaz/d7ab932bb6c26912bfa64de32d0cfb53 to your computer and use it in GitHub Desktop.
vssh
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env fish | |
# add the following line to ~/.config/fish/completions in order to add hostname completion to the script | |
# complete -x -c vssh -d "Remote" -a "(__fish_complete_user_at_hosts)" | |
function get_gateway --argument addr | |
route -n get -net $addr | awk '/gateway/ { print $2 }' | |
end | |
function get_global_protect_interface_ipaddr_from_config | |
# parse global protect settings, extract preferred interface ips | |
# than iterate interfaces and try to find which interface belongs to this ip | |
/usr/libexec/PlistBuddy -c "print 'Palo Alto Networks':GlobalProtect:PanGPS" /Library/Preferences/com.paloaltonetworks.GlobalProtect.settings.plist | \ | |
awk -F'=' '/PreferredIP_/ { print $2 }' | \ | |
tr -d '[:blank:]' | \ | |
xargs -I {} fish -c "ifconfig -a | awk '/inet {}/ { print \$2 }'" | |
end | |
function get_global_protect_interface_ipaddr_from_install_script | |
sudo awk '/\/sbin\/ifconfig [^ ]+ [0-9]/ { print $3 }' \ | |
/Library/Logs/PaloAltoNetworks/GlobalProtect/network/config/itf-install.sh | |
end | |
function add_static_route --argument addr --argument gateway | |
echo "adding a static route from $addr to $gateway" | |
sudo route -n add -net $addr $gateway > /dev/null | |
end | |
function delete_static_route --argument addr | |
echo "deleting static route for $addr" | |
sudo route -n delete -net $addr > /dev/null | |
end | |
set remote (ssh -G $argv 2>/dev/null | awk '/^hostname/ { print $2 }') | |
# get the ip address of the vpn device | |
set gateway (get_global_protect_interface_ipaddr_from_config) | |
if test -z "$gateway" | |
echo "need root privileges in order to find the vpn gateway" | |
set gateway (get_global_protect_interface_ipaddr_from_install_script) | |
end | |
if ! ifconfig -a | grep "$gateway" &>/dev/null | |
echo "couldn't find any interface bound to $gateway" | |
echo "maybe the vpn client is not connected?" | |
exit 1 | |
end | |
# get the hostname that ssh is going to use | |
if test (get_gateway $remote) != "$gateway" | |
echo "need root privileges in order to add a static route" | |
delete_static_route $remote || exit 1 | |
add_static_route $remote $gateway || exit 1 | |
end | |
ssh $argv |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
My use case was a little different but this was very helpful. Thanks Oded!